#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

AitM Attack | Breaking Cybersecurity News | The Hacker News

Category — AitM Attack
Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Aug 29, 2023 Online Security / Cyber Threat
Microsoft is warning of an increase in adversary-in-the-middle ( AiTM ) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities. "This development in the PhaaS ecosystem enables attackers to conduct high-volume phishing campaigns that attempt to circumvent MFA protections at scale," the Microsoft Threat Intelligence team  said  in a series of posts on X (formerly Twitter). Phishing kits with AiTM capabilities work in two ways, one of which concerns the use of reverse proxy servers (i.e., the phishing page) to relay traffic to and from the client and legitimate website and stealthily capture user credentials, two-factor authentication codes, and session cookies. A second method involves synchronous relay servers. "In AiTM through synchronous relay s...
New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

May 13, 2023
A new phishing-as-a-service (PhaaS or PaaS) platform named  Greatness  has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates highly convincing decoy and login pages," Cisco Talos researcher Tiago Pereira  said . "It contains features such as having the victim's email address pre-filled and displaying their appropriate company logo and background image, extracted from the target organization's real Microsoft 365 login page." Campaigns involving Greatness have mainly manufacturing, health care, and technology entities located in the U.S., the U.K., Australia, South Africa, and Canada, with a spike in activity detected in December 2022 and March 2023. Phishing kits like Greatness offer t...
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

Jan 16, 2025Identity Protection / SaaS Security
You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks . (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).  Stolen credentials on criminal forums cost as little as $10 (Source: Verizon). Something doesn't add up. So, what's going on? In this article, we'll cover: What's contributing to the huge rise in account compromises linked to stolen creds and why existing approaches aren't working.  The world of murky intelligence on stolen credentials, and how to cut through the noise to find the true positives. Recommendations for security teams to stop attackers from using stolen creds to achieve account takeover. Stolen credential-based attacks are on the rise There's clear evidence that identity attacks are now the #1 cyber threat f...
Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Aug 03, 2022
A new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts. "It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing multi-factor authentication," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu  said  in a Tuesday report. "The campaign is specifically designed to reach end users in enterprises that use Microsoft's email services." Prominent targets include fintech, lending, insurance, energy, manufacturing, and federal credit union verticals located in the U.S., U.K., New Zealand, and Australia. This is not the first time such a phishing attack has come to light. Last month, Microsoft  disclosed  that over 10,000 organizations had been targeted since September 2021 by means of AitM techniques to breach accounts secured with multi-factor authentication (MFA). The ongoing campaign, effective June 2022,...
cyber security

2024: A year of identity attacks | Get the new ebook

websitePush SecurityIdentity Security
Identity attacks were the leading cause of breaches in 2024. Learn how tooling and techniques are evolving.
Expert Insights / Articles Videos
Cybersecurity Resources